Discussions
Stay up-to-date with the latest news from NetSuite. You’ll be in the know about how to connect with peers and take your business to new heights at our virtual, in-person, on demand events, and much more.
Now is the time to ask your NetSuite-savvy friends and colleagues to join the NetSuite Support Community! Refer now! Click here to watch and learn more!
Stay in the Know
Be sure you're subscribed to NetSuite communication to stay in the know about monthly happenings, updates and announcements. Subscribe
Be sure you're subscribed to NetSuite communication to stay in the know about monthly happenings, updates and announcements. Subscribe
Please note that on Friday, March 20, 2026, at 8:00 PM Pacific time, our Case Management System will undergo a scheduled maintenance for approximately 4 hours. During this time, case creation via SuiteAnswers will be unavailable and inbound calls will be routed to Customer Service.
Removing Netsuite stub dependency on Axis 1.4 jar
We are using Netsuite stub to call SOAP API's. The stub has dependency on Apache Axis 1.4 Jar
Apache Axis 1.4 Jar contains Vulnerabilities like CVE-2019-0227 : A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.
The severity is high with Base Score: HIGH (7.5)
Please let me know if we can have any alternative way to connect Netsuite or can replace the dependency for Axis 1.4 jar to higher version as part of dependency.
0